Redirect users to logon page only if not authonticated in asp.net MVC

NET MVC project i have开发者_高级运维 following tag in in web.config file

<authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2880"/> </authentication>

This causes even the authenticated users but unauthorized resource requested users to redirect to logon page. but i need only to redirect this page if user try to access unauthorized page and not already authenticated(logged on) and redirect to custom page.

Is there easy way to do this without writing custom action filter?

All that this line does in web.config is to simply define the timeout of the authentication cookie and the login url. It is your code that decides which parts of the site are authenticated or no, by for example decorating your controllers and/or actions with the [Authorize] attribute.

please check your "authorization" setting in web.config file. It should be somewhat

<authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>

also when user authenticates successfully make sure you call

FormsAuthentication.SetAuthCookie(<username>, false);